Unlike many other products, the computer-executable instructions that comprise a software application can be perfectly reproduced, resulting in a copy that is, for all intents and purposes, identical to the original. As a result, the authors and manufacturers of software applications have struggled against improperly licensed copies of their software applications, with each unlicensed copy potentially resulting in one less sale of that software application. Lack of control over the distribution of properly licensed, authentic software application products also means that malicious computer-executable instructions, traditionally known as “malware”, including, for example, viruses and Trojans, can appear in the copies of software, affecting user privacy and security and negatively impacting the image of the original software manufacturer. Additionally, as networks of computing devices, including worldwide networks, become more ubiquitous, the copying of software applications continues to increase.
Much like with other products, software manufacturers have attempted to combat the unauthorized copying of software applications through mechanisms that make the original, properly purchased software application, better than the copy. For example, software manufacturers have offered post-sales service, such as continued upgrades and improvements, to those whose copies of software applications are properly licensed. With malware becoming increasingly dangerous, the post-sales upgrades and improvements offered to those with legitimate copies of software applications have become more important, as such upgrades and improvements are often directed to increasing the security of the software applications, and decreasing their vulnerability to malware.
For software applications independently purchased and installed on a computing device by a user, the user can be required to enter a product identifier, such as a product key, SKU, or other like identifier, to prove the legitimacy of the software application and to activate, or otherwise validate, the software application. However, for software applications that are installed on a computing device by the original manufacturer of such a computing device, and are sold bundled with it, a less user-involved, and more automatic, mechanism can be utilized. In particular, information identifying the bundled software applications, which can be used to prove the legitimacy of such applications, and can be used to activate, or otherwise validate, them, can be installed on the computing device by the original manufacturer at the time the computing device is manufactured. Subsequently, computer-executable instructions directed to activation and validation of bundled software applications can be executed, and can find the identifying information stored on the computing device and use it to activate and validate the bundled software applications.
Unfortunately, the identifying information currently installed on computing devices is not very well protected. For example, the identifying information is often stored in unprotected form in a known storage area such that false identifying information can be inserted into the activation and validation process, thereby allowing unlicensed, illegitimate copies of software applications to be activated and validated. Additionally, the identifying information currently installed on computing devices does not identify the software applications that are installed on any one particular computing device, further enabling mechanisms that can cause unlicensed, illegitimate copies of software applications to be activated and validated.
Because, at least in part, of the limitations of the current automated activation and validation mechanism utilized for bundled software applications, paper-based certificates of authenticity are still utilized to provide proof of the legitimacy of the copies of the software applications bundled with the computing device. Such paper certificates of authenticity, however, can represent a significant cash value, as they can be utilized to activate any copy of the relevant software applications. As such, the paper certificates of authenticity create a risk of theft and fraud that the computing device manufacturer must protect against.